CAAT Pension Plan is seeking a Senior Information Security Analyst to join our team. In this pivotal role, you will assist in implementing and monitoring security controls to protect the organization's assets and data. You will be responsible for risk identification, threat protection, detection, monitoring, and response to cyber events, while also playing a key part in deploying new security solutions and maintaining our security tools.
What You'll Do
- Participate in planning for Cybersecurity roadmaps to drive technical operational standards and architecture elements.
- Provide technical support to the Manager Cybersecurity Architecture and Program Delivery on cyber initiatives like Data Loss Prevention, Privileged Access Management, ISO 27001 Certification and assessments.
- Maintain up-to-date baselines for the secure configuration and operation of security tools and technologies including Firewall, IPS/IDS, Application Control, web filtering, Messaging Gateway, SIEM, DLP, IAM and Endpoint Protection.
- Work with other groups and technology stakeholders to support the design and implementation of security by design.
- Lead cyber risk assessments to uncover vulnerabilities and misconfigurations, and track remediation activities.
- Demonstrate expertise in the design of security architecture and support the implementation of security by design across all systems.
- Perform risk and control design assessments of infrastructure, systems, and cloud-based solutions, recommending remedial actions.
- Demonstrate expertise in the design and execution of vulnerability assessments, penetration tests, and security audits.
- Implement on-going cyber risk reporting, monitoring key trends and tracking metrics to measure control effectiveness.
- Help implement and enhance Threat Modelling capability within SDLC and application development efforts.
What We're Looking For
- A minimum of five (5) years of practical experience in various cybersecurity domains such as cyber architecture, security operations, and technical risk assessments.
- Post-secondary diploma or degree in the field of computer science.
- A relevant security certification such as CISSP, CCSP, Security+, CEH, or CompTIA Security+.
- Understanding of security standards and frameworks such as ISO27001, NIST, and CIS.
- Strong knowledge of technical configurations from various operating systems and security solutions (Windows, Linux, VMware, IDS / IPS, DLP, SIEM, WAF, VPNs, encryption, etc.).
- At least 4 years of demonstrated experience in security architecture for both applications and infrastructure.
- Excellent problem-solving and analytical skills to identify and resolve security issues effectively.
- Proven project management and organizational skills, specifically managing multiple, concurrent projects.
- Excellent written and verbal communication coupled with an ability to work with minimal supervision.
- Knowledge of cloud platform security, M365 security, application security, data security, end point and mobile security, infrastructure & network security including AI, ML and Robotics.
Nice to Have
- Good understanding of cloud security concepts and experience securing cloud-based infrastructure.
Technical Stack
- Firewall, IPS/IDS, Application Control, web filtering, Messaging Gateway, SIEM, DLP, IAM, Endpoint Protection
- Windows, Linux, VMware, WAF, VPNs, encryption
- Cloud-based infrastructure
Team & Environment
This position resides within the Information and Cybersecurity Team and reports to the Manager, Information and Cybersecurity.
Benefits & Compensation
- Opportunities to Build a Better You with endless learning.
- Comprehensive & Holistic Care Total Rewards program prioritizing physical, mental, and financial wellness.
- Flexible work arrangements.
- Comprehensive benefits.
- Wellness incentives.
- Defined benefit pension plan.
CAAT Pension Plan is an equal opportunity employer and will accommodate any needs under the Accessibility for Ontarians with Disabilities Act and the Ontario Human Rights Code.
